docs: make Lit Action examples standalone #1326
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Runs cargo fmt --check, cargo clippy, cargo build --all-features, and | |
| # cargo test --all-features on every pull request. | |
| name: Rust CI | |
| on: | |
| pull_request: | |
| permissions: | |
| contents: read | |
| # Cancel any in-progress run on the same branch/PR when a new commit is pushed. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check: | |
| if: > | |
| github.event_name == 'push' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| name: ${{ matrix.crate }} | |
| runs-on: self-hosted | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| crate: | |
| - lit-actions | |
| - lit-core | |
| - lit-api-server | |
| - lit-api-server/blockchain/rust_generator_and_deployer | |
| - lit-billing-core | |
| - lit-payments | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Force a clean workspace — self-hosted runners persist state between runs | |
| # and checkout@v4 alone is not always sufficient to clear stale files. | |
| - name: Reset workspace to HEAD | |
| run: git checkout HEAD -- . | |
| # lit-actions needs libsqlite3-dev + libclang-dev (bindgen for libsqlite3-sys) | |
| # lit-api-server depends on lit-actions-grpc which runs a protobuf build script | |
| # Both steps retry with back-off because concurrent matrix jobs on the same | |
| # self-hosted machine can contend for /var/lib/apt/lists/lock. | |
| - name: Install system dependencies (lit-actions) | |
| if: matrix.crate == 'lit-actions' | |
| run: | | |
| for i in 1 2 3 4 5; do | |
| sudo apt-get update -qq && \ | |
| sudo apt-get install -y libsqlite3-dev libclang-dev && break | |
| echo "apt lock held, waiting 10s (attempt $i/5)..." | |
| sleep 10 | |
| done | |
| - name: Install system dependencies (lit-api-server) | |
| if: matrix.crate == 'lit-api-server' | |
| run: | | |
| for i in 1 2 3 4 5; do | |
| sudo apt-get update -qq && \ | |
| sudo apt-get install -y protobuf-compiler && break | |
| echo "apt lock held, waiting 10s (attempt $i/5)..." | |
| sleep 10 | |
| done | |
| # All crates now have rust-toolchain.toml pinned to 1.91; this action | |
| # installs the toolchain declared in the file for the working directory. | |
| - uses: dtolnay/rust-toolchain@1.91 | |
| with: | |
| components: rustfmt, clippy | |
| - name: fmt | |
| working-directory: ${{ matrix.crate }} | |
| run: cargo fmt --all -- --check | |
| - name: clippy | |
| working-directory: ${{ matrix.crate }} | |
| run: cargo clippy --locked --all-features -- -D warnings | |
| - name: build | |
| working-directory: ${{ matrix.crate }} | |
| run: cargo build --locked --all-features | |
| - name: test | |
| working-directory: ${{ matrix.crate }} | |
| run: cargo test --locked --all-features | |
| # Supply-chain check: cargo-deny covers the RustSec advisory DB (same | |
| # source as cargo-audit) plus a git-source allowlist. Installed once per | |
| # matrix job via taiki-e/install-action, which uses prebuilt binaries. | |
| # The pre-existing advisory backlog lives in deny.toml's [advisories.ignore] | |
| # block; new RUSTSEC IDs fail CI by default. | |
| - uses: taiki-e/install-action@v2 | |
| with: | |
| tool: cargo-deny | |
| - name: deny | |
| working-directory: ${{ matrix.crate }} | |
| # -W advisory-not-detected / unmatched-source: the deny.toml ignore + | |
| # allow-git lists are the union across all four workspaces, so each | |
| # individual workspace sees entries that don't apply — downgrade those | |
| # lints to warnings so they don't fail the build. | |
| run: cargo deny check --config ${{ github.workspace }}/deny.toml -W advisory-not-detected -W unmatched-source advisories sources |